RESOLVED FIXED 190139
[WPE] fix buffer over-read in RenderThemeWPE::mediaControlsStyleSheet() 
https://bugs.webkit.org/show_bug.cgi?id=190139
Summary [WPE] fix buffer over-read in RenderThemeWPE::mediaControlsStyleSheet()
Olivier Blin
Reported 2018-10-01 08:01:41 PDT
Like done for EFL in r210213, see https://bugs.webkit.org/show_bug.cgi?id=166622 This has been detected by a charactersAreAllASCII() assert failure. This is because ASCIILiteral() is wrongly used in mediaControlsStyleSheet(). mediaControlsBaseUserAgentStyleSheet is a char array, not a null-terminated string. It is thus incorrect to use StringImpl::createFromLiteral() that calls strlen() to get the string length. The String::ConstructFromLiteral constructor can not be used, since it skips the last character.
Attachments
Patch (2.03 KB, patch)
2018-10-01 08:03 PDT, Olivier Blin 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Olivier Blin
Comment 1 2018-10-01 08:03:33 PDT
Created attachment 351246 [details] Patch
WebKit Commit Bot
Comment 2 2018-10-01 10:19:54 PDT
Comment on attachment 351246 [details] Patch Clearing flags on attachment: 351246 Committed r236666: <https://trac.webkit.org/changeset/236666>
WebKit Commit Bot
Comment 3 2018-10-01 10:19:56 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.